Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

VSCBench: Bridging the Gap in Vision-Language Model Safety Calibration

Jiahui Geng, Qing Li, Zongxiong Chen, Yuxia Wang, Derui Zhu, Zhuohan Xie, Chenyang Lyu, Xiuying Chen, Preslav Nakov, Fakhri Karray

TL;DR

VSCBench introduces a safety-calibration lens for vision-language models, addressing both undersafety and oversafety. By constructing a two-pronged benchmark (image-centric and text-centric) via a human–LLM collaboration pipeline, it evaluates 11 VLMs and reveals persistent calibration gaps across categories and modalities. The work systematically analyzes test-time calibration methods (prompt-based and activation-based) and shows that improvements in safety often come at the expense of model utility, underscoring the need for advanced calibration techniques. Overall, VSCBench provides a rigorous framework and dataset to drive safer VLMs in real-world, multimodal settings with practical implications for model deployment and evaluation.

Abstract

The rapid advancement of vision-language models (VLMs) has brought a lot of attention to their safety alignment. However, existing methods have primarily focused on model undersafety, where the model responds to hazardous queries, while neglecting oversafety, where the model refuses to answer safe queries. In this paper, we introduce the concept of $\textit{safety calibration}$, which systematically addresses both undersafety and oversafety. Specifically, we present $\textbf{VSCBench}$, a novel dataset of 3,600 image-text pairs that are visually or textually similar but differ in terms of safety, which is designed to evaluate safety calibration across image-centric and text-centric scenarios. Based on our benchmark, we evaluate safety calibration across eleven widely used VLMs. Our extensive experiments revealed major issues with both undersafety and oversafety. We further investigated four approaches to improve the model's safety calibration. We found that even though some methods effectively calibrated the models' safety problems, these methods also lead to the degradation of models' utility. This trade-off underscores the urgent need for advanced calibration methods, and our benchmark provides a valuable tool for evaluating future approaches. Our code and data are available at https://github.com/jiahuigeng/VSCBench.git.

VSCBench: Bridging the Gap in Vision-Language Model Safety Calibration

TL;DR

VSCBench introduces a safety-calibration lens for vision-language models, addressing both undersafety and oversafety. By constructing a two-pronged benchmark (image-centric and text-centric) via a human–LLM collaboration pipeline, it evaluates 11 VLMs and reveals persistent calibration gaps across categories and modalities. The work systematically analyzes test-time calibration methods (prompt-based and activation-based) and shows that improvements in safety often come at the expense of model utility, underscoring the need for advanced calibration techniques. Overall, VSCBench provides a rigorous framework and dataset to drive safer VLMs in real-world, multimodal settings with practical implications for model deployment and evaluation.

Abstract

The rapid advancement of vision-language models (VLMs) has brought a lot of attention to their safety alignment. However, existing methods have primarily focused on model undersafety, where the model responds to hazardous queries, while neglecting oversafety, where the model refuses to answer safe queries. In this paper, we introduce the concept of , which systematically addresses both undersafety and oversafety. Specifically, we present , a novel dataset of 3,600 image-text pairs that are visually or textually similar but differ in terms of safety, which is designed to evaluate safety calibration across image-centric and text-centric scenarios. Based on our benchmark, we evaluate safety calibration across eleven widely used VLMs. Our extensive experiments revealed major issues with both undersafety and oversafety. We further investigated four approaches to improve the model's safety calibration. We found that even though some methods effectively calibrated the models' safety problems, these methods also lead to the degradation of models' utility. This trade-off underscores the urgent need for advanced calibration methods, and our benchmark provides a valuable tool for evaluating future approaches. Our code and data are available at https://github.com/jiahuigeng/VSCBench.git.

Paper Structure

This paper contains 45 sections, 2 equations, 5 figures, 5 tables.

Table of Contents

  1. Introduction
  2. Related Work
  3. Attack and Defense Methods for VLMs
  4. Evaluating the Safety of LLMs and VLMs
  5. VSCBench
  6. Benchmark Design
  7. Dataset Construction Framework
  8. Image-Centric Dataset
  9. Step 1: Leveraging LLMs for candidate generation.
  10. Step 2: Constructing a multimodal dataset using image retrieval.
  11. Step 3: Human verification of the images and the queries.
  12. Text-Centric Dataset
  13. Step 1: Leveraging LLMs for text processing.
  14. Step 2: Text-to-Image transformation.
  15. Step 3: Human verification of the images and the queries.
  16. ...and 30 more sections

Figures (5)

  • Figure 1: Safety calibration evaluation of various VLMs on VSCBench, showing prevalent oversafety and undersafety. The performance of proprietary, open-weight, and safety-aligned models is denoted in red, green, and blue color, respectively.
  • Figure 2: Overview of the human-LLM collaborative framework for dataset construction. LLMs are prompted to generate candidate descriptions across various themes, to extract relevant information, and to rephrase queries to facilitate the creation of corresponding images. A rigorous human verification process ensures the data quality by preventing issues such as image--text mismatches and unintended visual information leakage.
  • Figure 3: Representative examples illustrating the causes for incorrect responses.
  • Figure 4: Illustration of different models' responses to unsafe queries, showing distinctions between safe, toxic, and non-toxic but unsafe outputs.
  • Figure 5: Calibration results for different methods and VLMs. The four subfigures in the top row show the calibration performance of various methods on the Gemini, Claude, InternVL, and VLGuard models, respectively. The four subfigures in the bottom show the impact of different methods on the helpfulness of the same four models. In the subfigures above, different colors represent different datasets, while the varying shapes of the points correspond to different methods. In the subfigures below, different colors indicate different methods.